33 matches found
EUVD-2008-5538
Malware in sbrugna...
EUVD-2008-6982
Malware in sbrugna...
EUVD-2008-2269
Malware in sbrugna...
EUVD-2008-0163
Malware in sbrugna...
EUVD-2007-4007
Malware in sbrugna...
EUVD-2008-2270
Malware in sbrugna...
Aruba Networks Mobility Controller Cross-Site Request Forgery Vulnerability
Aruba Networks Mobility Controller is a suite of solutions that provide mobile access for the enterprise. A cross-site request forgery vulnerability exists in Aruba Networks Mobility Controller, which allows remote attackers to construct malicious URIs, trick users into parsing them, and can...
Aruba Networks Mobility Controller Cross-Site Scripting Vulnerability
Aruba Networks Mobility Controller is a suite of solutions that provide mobile access for the enterprise. A cross-site scripting vulnerability in Aruba Networks Mobility Controller allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to...
Aruba Mobility Controller security vulnerabilities
DoS and authentication bypass...
CVE-2009-3836
ArubaOS 3.3.1.x, 3.3.2.x, RN 3.1.x, 3.4.x, and 3.3.2.x-FIPS on the Aruba Mobility Controller allows remote attackers to cause a denial of service Access Point crash via a malformed 802.11 Association Request management frame...
CVE-2009-3836
CVE-2009-3836 affects ArubaOS (3.3.1.x, 3.3.2.x, RN 3.1.x, 3.4.x, and 3.3.2.x-FIPS) on Aruba Mobility Controller. The vulnerability enables remote attackers to trigger a denial of service resulting in an Access Point crash by sending a malformed 802.11 Association Request management frame. Connec...
CVE-2008-7095
The SNMP daemon in ArubaOS 3.3.2.6 in Aruba Mobility Controller does not restrict SNMP access, which allows remote attackers to 1 read all SNMP community strings via SNMP-COMMUNITY-MIB::snmpCommunityName 1.3.6.1.6.3.18.1.1.1.2 or SNMP-VIEW-BASED-ACM-MIB::vacmGroupName 1.3.6.1.6.3.16.1.2.1.3 with...
Code injection
The SNMP daemon in ArubaOS 3.3.2.6 in Aruba Mobility Controller does not restrict SNMP access, which allows remote attackers to 1 read all SNMP community strings via SNMP-COMMUNITY-MIB::snmpCommunityName 1.3.6.1.6.3.18.1.1.1.2 or SNMP-VIEW-BASED-ACM-MIB::vacmGroupName 1.3.6.1.6.3.16.1.2.1.3 with...
CVE-2008-7095
The CVE-2008-7095 entry affects ArubaOS 3.3.2.6 on Aruba Mobility Controller, where the SNMP daemon does not restrict SNMP access. This allows remote attackers to read SNMP data: (1) all community strings via SNMP-COMMUNITY-MIB::snmpCommunityName or vacmGroupName via SNMP-VIEW-BASED-ACM-MIB with ...
CVE-2008-7023
Aruba Mobility Controller running ArubaOS 3.3.1.16, and possibly other versions, installs the same default X.509 certificate for all installations, which allows remote attackers to bypass authentication. NOTE: this is only a vulnerability when the administrator does not follow recommendations in...
CVE-2008-7023
Aruba Mobility Controller running ArubaOS 3.3.1.16, and possibly other versions, installs the same default X.509 certificate for all installations, which allows remote attackers to bypass authentication. NOTE: this is only a vulnerability when the administrator does not follow recommendations in...
CVE-2008-7023
The CVE-2008-7023 entry describes an authentication bypass in Aruba Mobility Controller (ArubaOS 3.3.1.16 and possibly other versions) caused by the use of the same default X.509 certificate across installations. This enables remote bypass of authentication. No exploitation details or remediation...
Aruba Mobility Controller基于公钥SSH认证绕过安全限制漏洞
BUGTRAQ ID: 34711 Aruba Mobility Controller可为企业提供移动接入解决方案。 Aruba Mobility Controller允许使用SSH访问控制器的用户通过公钥进行认证。基于密钥的SSH认证组件中的安全漏洞允许用户获得对Aruba Mobility Controller管理帐号的非授权SSH访问。请注意这种认证方式不是默认的,必须手动配置。 Aruba Networks Mobility Controllers 3.3.2.x Aruba Networks Mobility Controllers 3.3.1.x Aruba Networks...
CVE-2008-5563
CVE-2008-5563 affects Aruba Mobility Controller versions 2.4.8.x-FIPS, 2.5.x, 3.1.x, 3.2.x, 3.3.1.x, and 3.3.2.x. The vulnerability allows remote attackers to cause a denial of service (device crash) by sending a malformed EAP frame. The sources consistently describe a network-exposed DoS vector ...
CVE-2008-5563
Aruba Mobility Controller 2.4.8.x-FIPS, 2.5.x, 3.1.x, 3.2.x, 3.3.1.x, and 3.3.2.x allows remote attackers to cause a denial of service device crash via a malformed Extensible Authentication Protocol EAP frame...